45029 matches found
EDK2 安全漏洞
EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from improper input validation and could lead to arbitrary command execution...
Linux Distros Unpatched Vulnerability : CVE-2025-2296
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Improper Input Validation by local access. Successful exploitation of this vulnerability could...
PT-2025-50216
Name of the Vulnerable Software and Affected Versions openmptcprouter versions through 0.64 Description An issue exists in openmptcprouter through version 0.64, specifically within the file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c and the create xor ipad opad function. This...
CVE-2025-27020
Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...
CVE-2025-27020
Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...
EUVD-2025-201700
Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...
CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9
Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...
CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9
Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Next.js Exploit Tool 이 도구는 Next.js의 취약점CVE-20...
VulnCheck KEV: CVE-2023-52076
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the use...
📄 Zimbra Collaboration Suite Postjournal 9.0.0 Remote Command Execution
A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...
Linksys E1200 Router Firmware <= 2.0.11.001 Multiple Vulnerabilities
Linksys E1200 routers are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
📄 Cacti 1.2.29 Remote Command Execution
Proof of concept exploit that demonstrates how authenticated users with access to Graph Templates in Cacti can abuse RRD invocation parameters to write arbitrary PHP files, then trigger execution leading to remote command execution. Version 1.2.29 is affected...
CS-Cart-POC
CS-Cart RCE & LFI Exploit Developed by: Strikoder Tes...
Exploit for CVE-2025-9074
CVE-2025-9074 Exploit Tool A sophisticated exploitation frame...
MAL-2025-192361 Malicious code in datadog-checks-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c81f3e37fe2d626410665826364d682e76edf32642b1cf36d4b12b987a9b102 The package datadog-checks-base was found to contain malicious code. Source: ghsa-malware...
MAL-2025-192362 Malicious code in evil-rce2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 63a6a4d1f5ad55b3b2b836b95a7153f322bb4ea2f718f665a51a4a94f32576d5 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...
Malicious code in telco (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 55c8199592663c3f388cba22988800084bbc3a5696279eb22c53e837c1d8ac40 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...
MAL-2025-192353 Malicious code in fdir1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ba081e2ca3fffe519e73fc13330df7332fbaf118aa8f6c193b43e9b2ce8a5ce The package fdir1 was found to contain malicious code. Source: ossf-package-analysis 8f5aefdb4168145eaa4b092c9e5f4fbd482f9fbd1fc0328b3272f3e2067731e8...
Malicious code in ssf-desktop-api-openfin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367b2689b7d50c48e26747ef1edce3a36165d64fd361ad3fc19f1c52fce204f9 The package ssf-desktop-api-openfin was found to contain malicious code. Source: ossf-package-analysis...